Embedded Security Expert (Hardware Attacks & Certifications)

We are Tropic Square. Our mission is to make a TRuly OPen IC. We believe in this digital age, transparent and auditable security solutions are necessary to ensure high standards. Our belief led to the creation of TROPIC01 - the secure chip with a revolutionary and transparent implementation.

We’re looking for an Embedded Security Expert to join our remote-first team focused on open-source hardware in the semiconductor space.

We value both hackers who love to “break things to improve them” and analysts who are concentrated on a deep understanding of complex system security. Both roles are essential and valuable for our team to strengthen security of our products.

Note: We do not expect you to be an expert in every domain listed below. We are looking for a specialist with deep, "black-belt" knowledge in at least one of these pillars (FI, SCA, Crypto, or Certifications) and a willingness to share that expertise with the team.

👉 What you'll work on

• Resilience analysis: Performing Side Channel Analysis (SCA) and Fault Injection (FI) attacks to identify vulnerabilities in our hardware designs

• Security architecture: Designing and validating countermeasures against physical attacks at both the silicon and firmware levels

• Cryptographic implementation: Working with cryptographic modules, ensuring their secure integration, and validating implementations (from classic AES/ECC to Post-Quantum Cryptography)

• Certification leadership: Guiding projects through formal security certification processes (e.g. Common Criteria, FIPS, NIST)

• Tooling & automation: Developing and improving internal (and open source) tools for automated security testing and verification

💪 Who you are

• A senior profile in Embedded Security who understands the intersection of software and silicon

• Deep expertise in at least ONE of the following:

  • Physical attacks: Practical experience with glitching (voltage, clock), EMFI, or laser injection

  • Side channel analysis: Proficiency in power analysis (DPA/CPA), electromagnetic emissions, and timing attacks

  • Cryptography: Deep understanding of the mathematics behind algorithms and their implementation pitfalls

  • Compliance & certification: Experience driving certification processes and drafting Security Targets

• A system-oriented thinker who understands that security is a holistic property, not just a feature

• A community-minded contributor comfortable working in an open source culture and communicating complex findings to both internal and external stakeholders

🤝 Why join us

• Autonomy & flexibility: Work remotely, in a hybrid setup, or from the office. We value deep work and results over office hours

• Deep tech focus: No superficial scripting. You will face real-world challenges in semiconductor design and hardware security

• Open source impact: Your work will be public-facing, contributing to a more transparent and secure global hardware ecosystem

• Prague meetups: Occasional in-person team gatherings in Prague for high-level planning, collaboration, and team building

👋 Sounds good? We want to hear from you! Just submit your CV together with a cover letter. After initial screening by HR, you'll be directly in touch with your future team.